1. Field of the Invention
The present invention relates to a smart card and an access method thereof. More specifically, the present invention relates to a smart card and an access method thereof for use with a smart card management system.
2. Descriptions of the Related Art
In recent years, as the smart card technology is matured increasingly, applications thereof become diversified accordingly. The most commonly found application of smart cards in the daily life is the Easy card system that is indispensable to metro or bus transportation. Besides, smart cards have also been found widely in e-business, access control applications and various electronic products.
According to the current smart card system architecture, a smart card system typically comprises a card server, a smart card access apparatus (e.g., a card reader) and a smart card. The smart card access apparatus may be connected to the card server via a network. The smart card may be electrically connected to the smart card access apparatus to interact with the card server via the smart card access apparatus. The smart card is configured to store therein various transaction data, private information and so on. To ensure that the various data stored in the smart card is prevented from being stolen by an illegal user, the conventional smart card system protects the smart card through the following management mechanism.
Generally, both the card server and the smart card have an authentication key stored therein, and in consideration of safety concerns, the keys are not stored in the smart card access apparatus. If a user desires to operate or process data stored in the smart card via the smart card access apparatus, an authentication process shall be carried out between the smart card and the card server by means of the respective keys they have, so as to identify that the user is a legal user who is allowed to operate or process the data stored in the smart card.
In other words, as restricted by the fact that the keys can only be stored in the card server and the smart card, this authentication process can only be accomplished when the card server and the smart card access apparatus are connected. However, in real life, to keep the card server and the smart card access apparatus that is used over the counter connected at any time is somewhat difficult and wastes the connection resources. Moreover, the most widely used multi-application smart card global platform has not provided an effective solution for off-line smart card authentication yet.
Accordingly, an urgent need exists in the art to provide a solution that may still protect and manage data stored in a smart card effectively when the smart card access apparatus is disconnected from the card server.